From 038a0c8176b2979067709364298893ce136f89fd Mon Sep 17 00:00:00 2001
From: fruchti <fruchti@gvfr.de>
Date: Fri, 4 Jul 2025 09:14:40 +0200
Subject: [PATCH] Nextcloud: Serve on 4431 with proxy protocol

---
 hosts/nextcloud.nix | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/hosts/nextcloud.nix b/hosts/nextcloud.nix
index 029599f..e68b058 100644
--- a/hosts/nextcloud.nix
+++ b/hosts/nextcloud.nix
@@ -49,13 +49,41 @@ in
         after = ["postgresql.service"];
     };
 
-    networking.firewall.allowedTCPPorts = [ 80 443 ];
+    networking.firewall.allowedTCPPorts = [ 80 443 4431 ];
 
     services.nginx = {
         virtualHosts.${hostName} = {
             forceSSL = true;
             enableACME = true;
         };
+        defaultListen = [
+            {
+                addr = "[::]";
+                port = 443;
+                ssl = true;
+            }
+            {
+                addr = "0.0.0.0";
+                port = 443;
+                ssl = true;
+            }
+            {
+                addr = "[::]";
+                port = 80;
+                ssl = false;
+            }
+            {
+                addr = "0.0.0.0";
+                port = 80;
+                ssl = false;
+            }
+            {
+                addr = "[::]";
+                port = 4431;
+                ssl = true;
+                proxyProtocol = true;
+            }
+        ];
     };
 
     users.extraGroups.music = {